mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-26 11:06:07 +00:00
Code Issues 25 Releases Wiki Activity
31,439 Commits 28 Branches 426 Tags 667 MiB
6234acb717
Commit Graph

13169 Commits

Author SHA1 Message Date
Mariusz Felisiak
e1c74bf458 [4.2.x] Refs #21080, Refs #34322 -- Added warning to ManifestStaticFilesStorage docs about paths in comments. 
Backport of bae053d497 from main.
 2023-02-16 19:20:41 +01:00
David Smith
ce10686604 [4.2.x] Refs #32339 -- Doc'd BaseFormSet.as_div() 
Backport of 4038a8df0b from main
 2023-02-15 09:24:59 +01:00
Carlton Gibson
b7aab1fb3a [4.2.x] Fixed #34328 -- Added async-only class-based middleware example. 
Backport of ce8189eea0 from main
 2023-02-14 14:16:19 +01:00
Carlton Gibson
ac8cf0ae76 [4.2.x] Added CVE-2023-24580 to security archive. 
Backport of ecafcaf634 from main
 2023-02-14 09:53:00 +01:00
Markus Holtermann
7ac5ff37b8 [4.2.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files. 
Thanks to Jakob Ackermann for the report.
 2023-02-14 08:21:18 +01:00
Sarah Boyce
de42d51361 [4.2.x] Fixed #29994 -- Added warning about performance of FileBasedCache with a large number of files. 
Co-authored-by: sheenarbw <699166+sheenarbw@users.noreply.github.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Backport of 1eb94bc8da from main
 2023-02-13 21:09:55 +01:00
Sota Tabu
8cc5caa113 [4.2.x] Fixed #34318 -- Added release note for 4bfe8c0eec. 
Backport of 3e9d413231 from main
 2023-02-13 14:13:16 +01:00
Carlton Gibson
b784768eef [4.2.x] Refs #34140 -- Applied rst code-block to non-Python examples. 
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.

Backport of 534ac48297 from main.
 2023-02-10 21:12:06 +01:00
dennisvang
4a89aa25c9 [4.2.x] Fixed #34325 -- Corrected wording in PercentRank() docs. 
This is consistent with the terminology used for the percent_rank()
function in SQLite docs and PostgreSQL docs.

Backport of 7bb741d787 from main
 2023-02-10 19:07:24 +01:00
p0lygun
aaacf72c4c [4.2.x] Fixed #34324 -- Mentioned Discord server in contributing index. 
Backport of 358792486e from main
 2023-02-10 06:21:04 +01:00
Willem Van Onsem
7a88b1f5aa [4.2.x] Fixed #34311 -- Updated serialization docs from unique_together to UniqueConstraint. 
Backport of 292aacaf6c from main
 2023-02-09 05:56:31 +01:00
Carlton Gibson
efe16fd72a [4.2.x] Added missing vars to AdminSite.each_context() docs. 
Backport of 1964e4367f from main
 2023-02-08 18:00:37 +01:00
Mariusz Felisiak
836ae73a89 [4.2.x] Fixed #34319 -- Fixed Model.validate_constraints() crash on ValidationError with no code. 
Thanks Mateusz Kurowski for the report.

Regression in 667105877e.
Backport of 2fd755b361 from main
 2023-02-08 16:39:53 +01:00
Tim Schilling
757c456d23 [4.2.x] Fixed #34146 -- Added 3rd-party lib tutorial step. 
Added a tutorial step that highlights Django Debug Toolbar, on of the
most common third party packages. It also added a mention of
djangopackages.com as a place to search for other libraries and a
link to Adam Johnson’s post on evaluating whether a package is
well-maintained.

Third-party packages are one of Django’s strengths. This should give
folks a sound route in.

Backport of 7715c9fef5 and
1df7814e4b from main
 2023-02-07 20:22:11 +01:00
Carlton Gibson
600b88db4c [4.2.x] Added stub release notes for 4.0.10 and 3.2.18. 
Set date for 4.1.7 release.

Backport of 7e003428f9 from main
 2023-02-07 10:10:22 +01:00
Marcelo Galigniana
9306a8d18f [4.2.x] Fixed #34310 -- Added deletion example to one-to-one topic. 
Backport of 7c6195ef81 from main
 2023-02-07 08:05:17 +01:00
Mariusz Felisiak
9a1848f48c
[4.2.x] Increased the default PBKDF2 iterations for Django 4.2. 
See https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2.

Thanks Markus Holtermann for the report.
 2023-02-04 13:36:06 +01:00
Mariusz Felisiak
ba7d8ac37d [4.2.x] Added stub release notes for 4.1.7. 
Backport of f3c89744cc from main
 2023-02-01 13:22:00 +01:00
Mariusz Felisiak
379b37171b [4.2.x] Added CVE-2023-23969 to security archive. 
Backport of 36e3eef7d5 from main
 2023-02-01 12:10:03 +01:00
Nick Pope
8a7b22d4a6 [4.2.x] Fixed CVE-2023-23969 -- Prevented DoS with pathological values for Accept-Language. 
The parsed values of Accept-Language headers are cached in order to
avoid repetitive parsing. This leads to a potential denial-of-service
vector via excessive memory usage if the raw value of Accept-Language
headers is very large.

Accept-Language headers are now limited to a maximum length in order
to avoid this issue.
 2023-02-01 09:45:07 +01:00
Durval Carvalho
af396ce3f9 [4.2.x] Fixed #34180 -- Added note about resetting language in test tear-downs. 
Co-authored-by: Faris Naimi <farisfaris66@gmail.com>

Backport of 40217d1a82 from main
 2023-01-31 07:29:21 +01:00
fschwebel
5159e05e40 [4.2.x] Fixed typo in docs/topics/auth/passwords.txt. 
Wrapped hashing is only possible if the inner wrapped function is the
same as the previous hasher.
Backport of 0265b1b49b from main
 2023-01-30 08:32:13 +01:00
Mariusz Felisiak
719a14badc [4.2.x] Fixed #34291 -- Fixed Meta.constraints validation crash on UniqueConstraint with ordered expressions. 
Thanks Dan F for the report.

Bug in 667105877e.
Backport of 2b1242abb3 from main
 2023-01-26 09:32:14 +01:00
Carlton Gibson
d43fbdf6f1 [4.2.x] Adjusted release notes for 4.1.6, 4.0.9, and 3.2.17. 
Backport of d8e1442ce2 from main
 2023-01-25 12:26:40 +01:00
Carlton Gibson
50432e3fd5 [4.2.x] Set date and added stub release notes for 4.1.6, 4.0.9, and 3.2.17. 
Backport of 1df963ad24 from main
 2023-01-25 11:58:35 +01:00
noFFENSE
fa52bb7774 [4.2.x] Fixed #34242 -- Doc'd that primary key is set to None when deleting objects. 
Backport of 5cd1385356 from main
 2023-01-20 10:57:30 +01:00
John Whitlock
a3771c8229 [4.2.x] Fixed typo in docs/releases/4.2.txt. 
Backport of d547171183 from main
 2023-01-17 19:28:19 +01:00
Mariusz Felisiak
1452e7cb7f [4.2.x] Doc'd that 4.2 is LTS. 
Backport of 2785e121c7 from main
 2023-01-17 19:25:44 +01:00
Mariusz Felisiak
2cbb3c9135 [4.2.x] Removed remaining empty sections from 4.2 release notes. 
Follow up to 772cd2b15b.
Backport of a209f66259 from main
 2023-01-17 14:05:51 +01:00
Sébastien Corbin
57680658f3 [4.2.x] Fixed #34264 -- Moved release note about session cookies into error reporting section. 
Backport of e2964fed17 from main
 2023-01-17 13:09:47 +01:00
Mariusz Felisiak
81818cc555 [4.2.x] Bumped django_next_version in docs config. 2023-01-17 08:54:30 +01:00
Mariusz Felisiak
9409312eef Updated man page for Django 4.2 alpha. 2023-01-17 08:51:17 +01:00
Mariusz Felisiak
e734cccea0 Made cosmetic edits to docs/releases/4.2.txt. 2023-01-17 08:51:17 +01:00
Mariusz Felisiak
772cd2b15b Removed empty sections from 4.2 release notes. 2023-01-17 08:51:17 +01:00
Mariusz Felisiak
0e2649fdf4 Fixed #34255 -- Made PostgreSQL backend use client-side parameters binding with psycopg version 3. 
Thanks Guillaume Andreu Sabater for the report.

Co-authored-by: Florian Apolloner <apollo13@users.noreply.github.com>
 2023-01-17 08:24:08 +01:00
Mariusz Felisiak
c8a76059ff Refs #34255 -- Bumped required psycopg version to 3.1.8. 2023-01-17 08:24:08 +01:00
sarahboyce
0fbdb9784d Fixed #23718 -- Doc'd that test mirrors require TransactionTestCase. 
Co-authored-by: Christian Bundy <me@christianbundy.com>
 2023-01-16 09:31:34 +01:00
Steven
4b7016866a Fixed "nulls characters" typo in docs. 2023-01-16 07:54:00 +01:00
Leo
5da5f3773e Fixed #34234 -- Dropped support for PROJ 4. 2023-01-13 12:31:41 +01:00
Jarosław Wygoda
32940d390a Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 2023-01-12 09:58:36 +01:00
Jarosław Wygoda
1ec3f0961f Fixed #26029 -- Allowed configuring custom file storage backends. 2023-01-12 06:20:57 +01:00
Mariusz Felisiak
d4b4c1cae4
Corrected used JS libraries in GIS widget docs. 
Follow up to 1833eb3f3e.
 2023-01-10 14:25:44 +01:00
Mariusz Felisiak
552384fa97
Refs #31014 -- Added FromWKB and FromWKT GIS database functions. 
Co-authored-by: Ondřej Böhm <ondrej.bohm@firma.seznam.cz>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Sergey Fedoseev <fedoseev.sergey@gmail.com>
 2023-01-10 11:51:09 +01:00
Francesco Panico
72efd840a8 Fixed #34110 -- Added in-memory file storage. 
Thanks Paolo Melchiorre, Carlton Gibson, and Mariusz Felisiak for
reviews.
 2023-01-10 10:56:59 +01:00
Nick Pope
b47f2f5b90 Fixed #33865 -- Optimized LimitedStream wrapper. 
The current implementation of LimitedStream is slow because .read()
performs an extra copy into a buffer and .readline() performs two
extra copies. The stream being wrapped is already typically a BytesIO
object so this is unnecessary.

This implementation has largely been untouched for 12 years and,
inspired by a simpler implementation in werkzeug, it was possible to
achieve the following performance improvement:

LimitedStream.read() (single line):
  Mean +- std dev: [bench_limitedstream-main] 286 ns +- 6 ns
  -> [bench_limitedstream-patch] 227 ns +- 6 ns: 1.26x faster
LimitedStream.readline() (single line):
  Mean +- std dev: [bench_limitedstream-main] 507 ns +- 11 ns
  -> [bench_limitedstream-patch] 232 ns +- 8 ns: 2.18x faster
LimitedStream.read(8192) (single line):
  Mean +- std dev: [bench_limitedstream-main] 360 ns +- 8 ns
  -> [bench_limitedstream-patch] 297 ns +- 6 ns: 1.21x faster
LimitedStream.readline(8192) (single line):
  Mean +- std dev: [bench_limitedstream-main] 602 ns +- 10 ns
  -> [bench_limitedstream-patch] 305 ns +- 10 ns: 1.98x faster
LimitedStream.read() (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 290 ns +- 5 ns
  -> [bench_limitedstream-patch] 236 ns +- 6 ns: 1.23x faster
LimitedStream.readline() (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 517 ns +- 19 ns
  -> [bench_limitedstream-patch] 239 ns +- 7 ns: 2.16x faster
LimitedStream.read(8192) (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 363 ns +- 8 ns
  -> [bench_limitedstream-patch] 311 ns +- 11 ns: 1.17x faster
LimitedStream.readline(8192) (multiple lines):
  Mean +- std dev: [bench_limitedstream-main] 601 ns +- 12 ns
  -> [bench_limitedstream-patch] 308 ns +- 7 ns: 1.95x faster

Geometric mean: 1.59x faster
 2023-01-05 19:26:56 +01:00
Mariusz Felisiak
63d1cb0092
Refs #32355 -- Bumped minimum supported versions of 3rd-party packages. 
This bumps minimum supported versions of 3rd-party packages to the first
releases to support Python 3.8.
 2023-01-05 18:09:33 +01:00
Mariusz Felisiak
7d9329935a
Refs #32355 -- Bumped mysqlclient requirement to >= 1.4.3. 
mysqlclient 1.4.3 is the first release to support Python 3.8.
 2023-01-05 16:34:14 +01:00
Raj Desai
d2310f6473 Fixed #34232 -- Fixed typo in docs/intro/tutorial07.txt. 2023-01-04 13:26:34 +01:00
Mariusz Felisiak
5cf9ff970e
Fixed #33961 -- Updated admin's jQuery to 3.6.3. 2023-01-04 11:28:09 +01:00
David Wobrock
99bd5fb4c2 Refs #34074 -- Used headers argument for RequestFactory and Client in docs and tests. 2023-01-04 09:11:36 +01:00